If you were a hacker trying to decide your next target, you’d likely want to pick an entity that has highly valuable and useful information that, simultaneously, lacks an effective security program. Though so many of us focus a significant portion of our in-house practices on cybersecurity and data breaches, it may not come to mind right away that this target is right in our backyard: the law firm. As entities, law firm systems contain highly-sensitive financial data, corporate strategies, trade secrets, business transaction information and plenty of both PIIA and PHI. Unfortunately, many firms lack a complete, effective, privacy and security program. According to an ALM Legal Intelligence study, 22% of law firms did not have an organized plan in place to prepare for or respond to a data breach. Only 50% of law firms included in the study have cyber security teams in place to handle and implement the types of complex programs and initiatives necessary to deal with a data breach. Read More
